Save bootstrap details to JSON file (risc0#9)
* Save bootstrap details to JSON file

* Address code review comments
pbeza authored Jan 20, 2024
1 parent 2f796f9 commit 9485595
Showing 9 changed files with 175 additions and 48 deletions.
80 changes: 72 additions & 8 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 5 additions & 5 deletions Dockerfile
@@ -23,15 +23,15 @@ RUN apt-get update && \
RUN mkdir -p \
./bin \
./guests/sgx \
./secrets \
/etc/opt/raiko \
/root/.config/raiko/config \
/root/.config/raiko/secrets \
/tmp/sgx \
/var/log/raiko

COPY --from=builder /opt/raiko/target/release/raiko-guest ./guests/sgx/
COPY --from=builder /opt/raiko/raiko-guest/config/raiko-guest.manifest.template ./guests/sgx/
COPY --from=builder /opt/raiko/target/release/raiko-guest ./guests/sgx
COPY --from=builder /opt/raiko/raiko-guest/config/raiko-guest.manifest.template ./guests/sgx
COPY --from=builder /opt/raiko/target/release/raiko-host ./bin
COPY --from=builder /opt/raiko/raiko-host/config/config.toml /etc/opt/raiko/
COPY --from=builder /opt/raiko/raiko-host/config/config.toml /root/.config/raiko/config
COPY --from=builder /opt/raiko/docker/entrypoint.sh ./bin
COPY ./sgx-ra/src/*.so /usr/lib/

2 changes: 1 addition & 1 deletion README_Raiko.md
@@ -116,7 +116,7 @@ To run `raiko-guest` in _one-shot_ mode with SGX using Gramine:
-----------------------------------------------------------------------------------------------------------------------
Bootstrapping the app
Next public key: 0x021d90eee5c402692fa3a3d3edd43a052367efbd6e4d26b9ca14099516525b9d09
Entry: /secrets/priv.key
Entry: /root/.config/raiko/secrets/priv.key
```
1. Run `raiko-guest` with the input file of your choice:

6 changes: 3 additions & 3 deletions docker/docker-compose-pos.yml
@@ -3,14 +3,14 @@ services:
raiko:
image: gcr.io/evmchain/raiko:latest-pos
container_name: raiko
command: --config-path=/etc/opt/raiko/config.toml
command: --config-path=/root/.config/raiko/config/config.toml
devices:
- "/dev/sgx_enclave:/dev/sgx_enclave"
- "/dev/sgx_provision:/dev/sgx_provision"
volumes:
- ${HOME}/.config/raiko/secrets:/opt/raiko/secrets
- /tmp/sgx:/tmp/sgx
- /var/log/raiko:/var/log/raiko
# - YOUR_CONFIG_PATH:/etc/opt/raiko/config.toml
# - YOUR_CONFIG_PATH:$HOME/.config/raiko/config/config.toml
- ${HOME}/.config/raiko:/root/.config/raiko
ports:
- "8080:8080"
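Review bot: The new bind mount `- ${HOME}/.config/raiko:/root/.config/raiko` covers the whole directory, so the `config.toml` that the Dockerfile copies into `/root/.config/raiko/config` is hidden at runtime and `--config-path=/root/.config/raiko/config/config.toml` resolves to whatever the host has there; unless `entrypoint.sh` (not shown) restores it, a host without that file will fail to start. The mount also exposes the encrypted key directory and the config through one read-write bind; mounting `${HOME}/.config/raiko/secrets:/root/.config/raiko/secrets` on its own and binding the config separately would keep the image default and narrow what the container can modify. In the commented example the target `$HOME/.config/raiko/config/config.toml` is interpolated by Compose from the host environment, so it should read `/root/.config/raiko/config/config.toml`. The same mount appears in docker/docker-compose.yml.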
4 changes: 2 additions & 2 deletions docker/docker-compose.yml
@@ -3,13 +3,13 @@ services:
raiko:
image: gcr.io/evmchain/raiko:latest
container_name: raiko
command: --config-path=/etc/opt/raiko/config.toml
command: --config-path=/root/.config/raiko/config/config.toml
devices:
- "/dev/sgx_enclave:/dev/sgx_enclave"
- "/dev/sgx_provision:/dev/sgx_provision"
volumes:
- ${HOME}/.config/raiko/secrets:/opt/raiko/secrets
- /tmp/sgx:/tmp/sgx
- /var/log/raiko:/var/log/raiko
- ${HOME}/.config/raiko:/root/.config/raiko
ports:
- "8080:8080"
7 changes: 6 additions & 1 deletion raiko-guest/Cargo.toml
@@ -18,11 +18,16 @@ secp256k1 = { version = "0.27.0", features = [
] }
rand = "0.8.5"
hex = "0.4.3"
clap = { version = "4.4.6", features = ["derive"] }
clap = { version = "4.4.6", features = ["derive", "string"] }
ethers-core = { version = "2.0", features = ["optimism"] }
zeth-primitives = { path = "../primitives", features = ["taiko"] }
rand_core = "0.6.4"
sha3 = "0.10.8"
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
base64-serde = "0.7.0"
base64 = "0.21.7"
dirs = "5.0.1"

[features]
sgx-ra = ["dep:sgx-ra"]
18 changes: 5 additions & 13 deletions raiko-guest/config/raiko-guest.manifest.template
@@ -1,20 +1,10 @@
# This is Gramine's manifest file.
# To learn more see: https://gramine.readthedocs.io/en/stable/manifest-syntax.html
#
# How to use it?
#
# 1. Build the app with `cargo build`.
# 2. Copy this file `target/debug`.
# 3. Run:
# export SECRETS_DIR="./secrets"
# export INPUT_FILES_DIR="/tmp"
# gramine-manifest -Dlog_level=error -Darch_libdir=/lib/x86_64-linux-gnu/ raiko-guest.manifest.template raiko-guest.manifest
# gramine-sgx-sign --manifest raiko-guest.manifest --output raiko-guest.manifest.sgx
# gramine-sgx ./raiko-guest

loader.entrypoint = "file:{{ gramine.libos }}"
libos.entrypoint = "/raiko-guest"
loader.log_level = "{{ log_level }}"
loader.env.HOME = "/root"
loader.env.LD_LIBRARY_PATH = "/lib:{{ arch_libdir }}"
loader.env.RUST_LOG = "info"

@@ -24,7 +14,8 @@ fs.mounts = [
{ path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
{ path = "/usr/lib/ssl/certs/", uri = "file:/usr/lib/ssl/certs/" },
{ path = "/tmp", uri = "file:/tmp" },
{ path = "/secrets/", uri = "file:{{ env.get('SECRETS_DIR', '../../secrets') }}", type = "encrypted", key_name = "_sgx_mrsigner" },
{ path = "/root/.config/raiko/config", uri = "file:/root/.config/raiko/config" },
{ path = "/root/.config/raiko/secrets", uri = "file:{{ '/root/.config/raiko/secrets' }}", type = "encrypted", key_name = "_sgx_mrsigner" },
]
sys.insecure__allow_eventfd = true
loader.insecure__use_cmdline_argv = true
@@ -46,5 +37,6 @@ sys.enable_extra_runtime_domain_names_conf = true
sgx.remote_attestation = "dcap"

sgx.allowed_files = [
"file:{{ env.get('INPUT_FILES_DIR', '/tmp') }}",
"file:/tmp/sgx",
"file:/root/.config/raiko/config",
]
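Review bot: Adding `file:/root/.config/raiko/config` to `sgx.allowed_files` means Gramine neither measures nor integrity-checks anything in that directory, so whatever the enclave reads back from it is host-controlled input. If the bootstrap JSON from this commit is written there (the writer is not in this section), a comment such as `# allowed_files are unauthenticated: verify anything read back from config/ before trusting it` belongs above the entry, and a config that is fixed at signing time would fit `sgx.trusted_files` better. In the secrets mount, `uri = "file:{{ '/root/.config/raiko/secrets' }}"` wraps a constant in a template expression; `uri = "file:/root/.config/raiko/secrets"` says the same thing.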
18 changes: 16 additions & 2 deletions raiko-guest/src/app_args.rs
@@ -3,6 +3,8 @@ use std::path::PathBuf;
use clap::{ArgAction, Args, Parser, Subcommand};
use zeth_primitives::{Address, B256};

const DEFAULT_RAIKO_USER_CONFIG_SUBDIR_PATH: &str = ".config/raiko";

#[derive(Debug, Parser)]
pub struct App {
#[clap(flatten)]
@@ -44,13 +46,25 @@ pub struct OneShotArgs {
pub l2_chain: Option<String>,
}

fn get_default_raiko_user_config_path(subdir: &str) -> PathBuf {
let mut home_dir = dirs::home_dir().unwrap();
home_dir.push(DEFAULT_RAIKO_USER_CONFIG_SUBDIR_PATH);
home_dir.push(subdir);
home_dir
}

#[derive(Debug, Args)]
pub struct GlobalOpts {
#[clap(short, long, default_value = "/secrets")]
#[clap(short, long, default_value=get_default_raiko_user_config_path("secrets").into_os_string())]
/// Path to the directory with the encrypted private keys being used to sign the
/// blocks.
/// blocks. For more details on the encryption see:
/// https://gramine.readthedocs.io/en/stable/manifest-syntax.html#encrypted-files
pub secrets_dir: PathBuf,

#[clap(short, long, default_value=get_default_raiko_user_config_path("config").into_os_string())]
/// Path to the directory with raiko configuration files.
pub config_dir: PathBuf,

#[clap(long, short, global = true, action = ArgAction::Count)]
/// Verbosity of the application. Use multiple times to increase verbosity.
pub verbose: u8,
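Review bot: `dirs::home_dir().unwrap()` in `get_default_raiko_user_config_path` panics without a message when no home directory can be resolved, and because it runs inside the `default_value` expressions of `secrets_dir` and `config_dir` it is likely evaluated while clap builds the command, even when both paths are passed explicitly. At minimum use `let mut home_dir = dirs::home_dir().expect("cannot determine home directory for default raiko paths");`. The default location of the signing keys now depends on the environment's `HOME`; inside the enclave that is pinned by `loader.env.HOME = "/root"` in the manifest, which deserves a line in the `secrets_dir` doc comment. `GlobalOpts` continues past the end of this hunk.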
